package cn.jbooter.restweb.autoconfigure.controller;

import java.util.HashMap;
import java.util.List;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import cn.jbooter.coms.pojos.Page;
import cn.jbooter.coms.utils.StringUtil;

/**
 * 前端验证是否有角色和权限
 * @author hejian
 *
 */
@Controller
@RequestMapping(value="/frame")
public class ShiroController {

	/**
	 * 验证是否有权限或角色
	 * @param page
	 * @param perms
	 * @return
	 */
	@ResponseBody
	@RequestMapping(value="/perms", method=RequestMethod.POST)
	public Page<Object> perms( Page<Object> page, @RequestParam("perms[]") List<String> perms ) {
		page.setMap(new HashMap<String, Object>());
		Subject subject = SecurityUtils.getSubject();
		String perm;
		for (int i = 0; i < perms.size(); i++) {
			perm = perms.get(i).trim();
			if ( !StringUtil.isEmpty(perm) ) {
				page.getMap().put(perm, subject.isPermitted(perm));
			}
		}
		return page;
	}
	
}
